From 0af6c80758aeca75684b92a58326121af19bd411 Mon Sep 17 00:00:00 2001
From: Martin Pugh
Date: Mon, 14 Oct 2019 14:04:02 +0100
Subject: [PATCH] Add libsecp256k1 advisory
---
crates/libsecp256k1/RUSTSEC-0000-0000.toml | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
create mode 100644 crates/libsecp256k1/RUSTSEC-0000-0000.toml
diff --git a/crates/libsecp256k1/RUSTSEC-0000-0000.toml b/crates/libsecp256k1/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..bc93252
--- /dev/null
+++ b/crates/libsecp256k1/RUSTSEC-0000-0000.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "libsecp256k1"
+date = "2019-10-14"
+title = "Flaw in Scalar::check_overflow allows side-channel timing attack"
+description = """
+Versions of `libsecp256k1` prior to `0.3.1` did not execute
+Scalar::check_overflow in constant time.
+
+This allows an attacker to potentially leak information via a timing attack.
+
+The flaw was corrected by modifying Scalar::check_overflow to execute in
+constant time.
+"""
+patched_versions = [">= 0.3.1"]
+categories = ["crypto-failure"]
+keywords = ["crypto", "sidechannel"]
+functions = { "libsecp256k1::Scalar::check_overflow" = ["< 0.3.1"] }
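Review bot: The new `[advisory]` table has no `url` field, so a reader of the database cannot get from this entry to the upstream fix or report and confirm that `0.3.1` actually contains the constant-time change. Add something like `url = "<link to the upstream fix or issue>"` next to `title`. The description also says only that an attacker can "leak information"; if `Scalar::check_overflow` is reached with secret scalars (not visible from this patch), naming the kind of data at risk would help users decide how urgently to upgrade and whether keys need rotating.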